FSFE welcomes German Government's White Paper on "Secure Boot"

on: 2012-11-20

Yesterday the German Ministry of the
Interior published a white paper about "Trusted Computing" and "Secure Boot".
The white paper says that "device owners must be in complete control of (able
to manage and monitor) all the trusted computing security systems of their
devices." This has been one of FSFE's key demands from the beginning. The document
continues that "delegating this control to third parties requires conscious and
informed consent by the device owner".

Another demand by the FSFE is adressed by the government's white paper. That
before purchasing a device, buyers must be informed concisely about the
technical measures implemented in this device, as well as the specific usage
restrictions and their consequences for the owner: "Trusted computing security
systems must be deactivated (opt-in principle)" when devices are delivered.
"Based on the necessary transparency with regard to technical features and
content of trusted computing solutions, device owners must be able to make
responsible decisions when it comes to product selection, start-up,
configuration, operation and shut-down." And "Deactivation must also be
possible later (opt- out function) and must not have any negative impact on the
functioning of hard- and software that does not use trusted computing
functions."

"It is an important step, that a government now takes a firm
stand on "Secure Boot", too. We as a society have to make sure, that we are
in control of our computers, so everyone can install arbitrary software and
is able to retain exclusive control over his own data. Full, sole and
permanent control over security subsystems is necessary for this.", says
Matthias Kirschner, German Coordinator of the FSFE. "Now the Government has
to implement their position when buying new hardware."